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REMARKS 

Reconsideration of the application is respectfully requested for the following reasons: 

1. Rejection of Claims 1 and 10 Under 35 USC $103(a) in view of U.S. Patent No. 
6,167,445 (Gai) and U.S. Patent Publication No. 2003/0236999 TBrustoloni) 

This rejection is respectfully traversed on the grounds that the Gai patent and Brustoloni 

publication, whether considered individually or in any reasonable combination, fail to disclose 

or suggest an apparatus for providing priority queuing to packets, as claimed, in which: 

• a decision engine queues the packets into at least two queues having priority levels that 
are based on source addresses . 

• a scheduler dequeues the packets at different rates according to the priority levels, 

so that packets with source addresses recognized to be legitimate are serviced at a higher rate 
than packets with unknown source addresses or whose legitimacy is still to be proven. 

The Gai patent, in contrast, discloses prioritizing data link frames based on eight traffic 
types shown in the table in col. 2, lines 25-40, and indicated by the DS field of an IP header, 
which is not the same as prioritizing based on packet source addresses. The prioritization is 
not at the packet level, and is not based on source addresses but rather a special "DS" field 
described in col. 3, lines 31-45 of the Gai patent (see also, col. 6, lines 27-32). The prioritizing 
device disclosed in the Gai patent is thus fundamentallv different than that of the claimed 
invention. 

These fundamental differences are not made up for by the Brustoloni publication, which 
like the claimed invention is directed to a method of preventing denial of service attacks that 
spoof a source address, but in which the source address is only checked at an "access router" 101, 
which uses a process known as "ingress filtering" to drop packets with suspect source addresses. 
Brustoloni also teaches an Intemet exchange router 104 that prioritizes packets into privileged 
and unprivileged classes, but the prioritization is not based on source address, but rather the 
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packets are from an access router 105 that supports ingress filtering, or an access router 106 that 
does not support packet filtering. 

It is respectfully submitted that the Examiner has misunderstood the teachings of the 
Brustoloni publication. Brustoloni's packets go through two steps on their way to the 
destination, but neither involves prioritization based on packet source addresses. Instead, the 
packets initially pass through an access router 105 that performs ingress filtering by dropping 
packets with suspect source addresses, and then through a separate exchange server 104 that 
prioritizes based packets based on whether the packets came from a router that supports ingress 
filtering (router 105) or one that does not (router 106). 

Neither the access router 105 nor the exchange server 104 (or the router 106) can be 
said to prioritize packets based on source address. To the contrary, the exchange server 1 04 that 
prioritizes the packets does not care what the source address is. It only cares about whether the 
packets were forwarded by a router that supports ingress filtering of the packets. On the other 
hand, the access router 105 does not prioritize packets but only accepts or drops packets based 
on the source address (while the router 106 does not even check source address). It is 
respectfully submitted that those skilled in the art would understand that prioritization based on 
ISP (Le. . on whether the router that supplies the packets supports ingress filtering) is not the same 
as prioritization based on whether a source address of a packet is known or unknown since the 
access router does not change the source address of the packet . 

Since the Brustoloni publication does not teach prioritization based on source address (but 
rather teaches prioritization based on whether an ISP that supplied the packet supports ingress 
filtering), the Brustoloni publication could not have suggested modification of the frame 
prioritization of Gai to obtain the claimed invention-even if there was a motivation to combine 
the two references, which there is not. The Examiner will note that Brustoloni and Gai teach 
different IP "levels/' one involving packet routing based on ISP connections and the other 
involving frame forwarding based on DS-field indicated traffic types, which are basically 
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incompatible contexts. As a result, not only do the references fail to disclose or suggest the 
feature of packet prioritization based on whether the packets are routed by an ISP that supports 
ingress filtering, but it is respectfully submitted that the subject matter of claims 1 and 10 cannot 
properly be considered to be obvious in view of the Gai patent and Brustoloni publication, and 
withdrawal of the rejection of claims 1 and 10 under 35 USC § 1 03(a) is respectfully requested. 

2. Rejection of Claims 1-18 Under 35 USC S103(a^ in view of U.S. Patent No. 6,167>445 
(Gai) and U.S. Patent PubHcation No. 2003/01 10393 (Brocks 

This rejection is respectfully traversed on the groxmds that the Gai patent and Brock 
publication, like the Gai patent and Brustoloni publication discussed above, fail to disclose or 
suggest an apparatus for providing priority queuing to packets, as claimed, in which: 

• packets are prioritized into at least two queues having priority levels that are based on 
source addresses , 

• the packets are dequeued at different rates according to the priority levels, 

so that packets with source addresses recognized to be legitimate are serviced at a higher rate 
than packets with unknown source addresses or whose legitimacy is still to be proven. Instead, 
as explained above, the Gai patent does not even concern packet prioritization, and does not 
involve prioritization based on packet source addresses. Furthermore, the Brock publication does 
not prioritize based on source address, but rather blocks packets from a particular source address 
when a denial of service attack is detected based on the frequency of occurrence of "signature 
events" such as denied log-ins that indicate a denial of service attack. 

It is respectfully submitted that Brock's blocking of a source address after a denial of 

service attack has been detected (based on fi-equencv of occurrence of signature events) is not 

analogous to. or suggestive of, the claimed prioritization based on packet source addresses . The 

only mention in Brock of using source addresses is as a "suggested action'* included with an alert 

by the intrusion detection system. In that case, as explained in col. 3, lines 7-11: 

For the benefit of the network administrator, the alert may include suggested 
actions, for example ''configure filter to block incoming messages with source 
address OOw.OOx.OOy.OOz. " 
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Blocking of a source address that has already been found to be responsible for an attack is 
fundamentally different than the claimed prioritization of packets (based on whether the source 
address is known or unknown). 

The reason that the claimed invention prioritizes packets based on source address is not 
to block the packets or to detect attacks, but rather to minimize damage based on the principle 
that packets from legitimate source addresses should be serviced before packets from unknown 
source addresses. The unknown source address packets will very likely tum out to be legitimate, 
and will be serviced in due course, but even if the some of the packets represent an attack, 
servicing of the known packets can still proceed, giving the server time to deal with the attack. 
Li contrast, Brock is directed to detecting attacks, not by source address, but rather by frequency 
of occurrence of such "signature events" as denied log-ins. If a server detects that too many 
unauthorized log-ins are occurring, then it can conclude that an attack is in fact underway and 
block the packets that are requested the log-ins. 

Since neither the Gai patent nor the Brock publication even remotely suggests 
prioritization based on source address, rather than prioritization based on DS field (Gai) or 
blocking based on source address (Brock), it is respectfully submitted that the rejection of claims 
1 - 1 8 is improper and withdrawal of the rejection under 35 USC § 1 03(a) is respectfully requested. 

3. Rejection of Claims 7 and 16 Under 35 USC $103(a) in view of U.S. Patent No. 
6.167,445 (Gai^ and U.S. Patent Publication Nos. 2003/0110393 (Brocks and 
2001/0052024 TDevarakonda) 

This rejection is respectfully traversed on the grounds that the Devarakonda publication, 
like the Gai patent and Brock publication, fails to disclose or suggest an apparatus for providing 
priority queuing to packets, as claimed, in which packets are prioritized into at least two queues 
having priority levels that are based on source addresses , and the packets are dequeued at 
different rates according to the priority levels, so that packets with source addresses recognized 
to be legitimate are serviced at a higher rate than packets with unknown source addresses or 
whose legitimacy is still to be proven. Instead, the Devarakonda publication discloses a router 
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that routes packets based on "affinity" between clients. There is no disclosure of routing packets 
at different rates, much less based on priorities determined according to source addresses. As 
a result, the Devarakonda pubUcation could not possibly have suggested modification of the 
systems or methods of either Gai or Brock, or any reasonable combination of Gai and Brock, to 
obtain the claimed invention. Withdrawal of the rejection of claims 7 and 16 under 35 USC 
§ 103(a) is therefore respectfully requested. 

Having thus overcome each of the rejections made in the Official Action, withdrawal of 
the rejections and expedited passage of the application to issue is requested. Should the 
Examiner nevertheless feel that amendments to the claims would be desirable to better 
distinguish the references, the Examiner is invited to contact the undersigned at the number listed 
below to discuss the amendments. 



Date: March 18, 2008 

BACON & THOMAS, PLLC 
625 Slaters Lane, 4th Floor 
Alexandria, Virginia 22314 

Telephone: (703) 683-0500 



Respectfully submitted. 



BACON & THOMAS, PLLC 
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By: JIMZEGEER 

Registration No. 18,957 
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